From patchwork Fri Jan 25 08:56:50 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tim Hardeck X-Patchwork-Id: 215585 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id 544182C0085 for ; Fri, 25 Jan 2013 19:57:25 +1100 (EST) Received: from localhost ([::1]:48925 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Tyf6B-0005xf-H5 for incoming@patchwork.ozlabs.org; Fri, 25 Jan 2013 03:57:23 -0500 Received: from eggs.gnu.org ([208.118.235.92]:52125) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Tyf60-0005x3-Hb for qemu-devel@nongnu.org; Fri, 25 Jan 2013 03:57:15 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Tyf5p-0002HY-8D for qemu-devel@nongnu.org; Fri, 25 Jan 2013 03:57:12 -0500 Received: from cantor2.suse.de ([195.135.220.15]:51171 helo=mx2.suse.de) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Tyf5o-0002HM-UU; Fri, 25 Jan 2013 03:57:01 -0500 Received: from relay2.suse.de (unknown [195.135.220.254]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx2.suse.de (Postfix) with ESMTP id D423AA38EA; Fri, 25 Jan 2013 09:56:59 +0100 (CET) Message-ID: <1359104210.6884.5.camel@Thinktank.site> From: Tim Hardeck To: Markus Armbruster Date: Fri, 25 Jan 2013 09:56:50 +0100 In-Reply-To: <1358961360-15623-1-git-send-email-armbru@redhat.com> References: <1358961360-15623-1-git-send-email-armbru@redhat.com> Organization: SUSE LINUX Products GmbH X-Mailer: Evolution 3.4.4 Mime-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.4.x X-Received-From: 195.135.220.15 Cc: qemu-trivial@nongnu.org, qemu-devel@nongnu.org Subject: Re: [Qemu-devel] [PATCH] vnc: Clean up vncws_send_handshake_response() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Hi Markus, thanks for your input. On Wed, 2013-01-23 at 18:16 +0100, Markus Armbruster wrote: > Use appropriate types, drop superfluous casts, use sizeof, don't > exploit that this particular call of gnutls_fingerprint() doesn't > change its last argument. your patch does work fine but if we expect gnutls_fingerprint to change the hash_size there has to be an additional check if the hash_size is bigger than SHA1_DIGEST_LEN. For example: if (accept == NULL) { diff --git a/ui/vnc-ws.c b/ui/vnc-ws.c index de7e74c..e64c895 100644 --- a/ui/vnc-ws.c +++ b/ui/vnc-ws.c @@ -132,7 +132,7 @@ static void vncws_send_handshake_response(VncState *vs, const char* key) in.data = (void *)combined_key; in.size = WS_CLIENT_KEY_LEN + WS_GUID_LEN; if (gnutls_fingerprint(GNUTLS_DIG_SHA1, &in, hash, &hash_size) - == GNUTLS_E_SUCCESS) { + == GNUTLS_E_SUCCESS && hash_size <= SHA1_DIGEST_LEN) { accept = g_base64_encode(hash, hash_size); }